Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

serve-static

Ecosystem:
npm
Package URL:
pkg:npm/serve-static
Total PRs:
2,950 Dependabot PRs
Latest PR:
19 days ago
Unique Repositories:
2,478 repositories
Unique Repos (30 days):
6 repositories
Security Advisories
Open Redirect in serve-static
GHSA-c3x7-gjmx-r2ff CVE-2015-1164 LOW published almost 6 years ago • updated 15 days ago
Versions of `serve-static` prior to 1.6.5 ( or 1.7.x prior to 1.7.2 ) are affected by an open redirect vulnerability on some browsers when configur...
serve-static vulnerable to template injection that can lead to XSS
GHSA-cm22-4g7w-348p CVE-2024-43800 LOW published almost 2 years ago • updated 11 days ago
### Impact passing untrusted user input - even after sanitizing it - to `redirect()` may execute untrusted code ### Patches this issue is patche...
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
Bump the npm_and_yarn group across 4 directories with 23 updates

OfficeDev/Microsoft-Teams-Samples #2257

1.16.2 → 1.16.3 Patch PR
Closed about 1 month ago 1 comment
OfficeDev
Bump the npm group across 1 directory with 37 updates

ghjm/connectopus #1121

2.2.0 → 2.2.1 Patch PR
Closed 2 months ago 1 comment
ghjm
Bump the npm_and_yarn group across 1 directory with 7 updates

AKJUS/popup-tools #1

1.11.1 → 1.11.2 Patch PR
Open 3 months ago 1 comment
AKJUS
Bump serve-static from 2.2.0 to 2.2.1

ministryofjustice/Claim-for-Crown-Court-Defence #9299

2.2.0 → 2.2.1 Patch PR
Open 3 months ago 1 comment
ministryofjustice
build(deps): bump the regular group across 1 directory with 35 updates

hung-org-117/test-2 #23

2.2.0 → 2.2.1 Patch PR
Open 4 months ago 1 comment
hung-org-117
Bump the npm group across 1 directory with 29 updates

ghjm/connectopus #1098

2.2.0 → 2.2.1 Patch PR
Closed 4 months ago 1 comment
ghjm
chore(deps)(deps): bump the patch-updates group with 126 updates

rinat3636/visa-card-landing #1

1.16.2 → 1.16.3 Patch PR
Open 4 months ago 1 comment
rinat3636
deps(deps): Bump the production-dependencies group across 1 directory with 172 updates

bcdady/ride-more-org #71

1.16.2 → 1.16.3 Patch PR
Closed 4 months ago 3 comments
bcdady
build(deps): bump the regular group with 34 updates

hung-org-117/test-2 #18

2.2.0 → 2.2.1 Patch PR
Open 4 months ago 2 comments
hung-org-117
deps(deps): Bump the production-dependencies group across 1 directory with 166 updates

bcdady/ride-more-org #67

1.16.2 → 1.16.3 Patch PR
Open 4 months ago 3 comments
bcdady
build(deps): bump the regular group across 1 directory with 31 updates

hung-org-117/test-2 #16

2.2.0 → 2.2.1 Patch PR
Closed 4 months ago 2 comments
hung-org-117
build(deps): bump the regular group across 1 directory with 33 updates

hung-org-117/test-2 #15

2.2.0 → 2.2.1 Patch PR
Open 4 months ago 1 comment
hung-org-117
build(deps): bump the regular group across 1 directory with 32 updates

hung-org-117/test-2 #14

2.2.0 → 2.2.1 Patch PR
Closed 5 months ago 2 comments
hung-org-117
deps(deps): bump the patch-updates group across 1 directory with 32 updates

mmarquet/strava-running-bot #74

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 2 comments
mmarquet
deps(deps): bump the production-dependencies group across 1 directory with 215 updates

aundre1/Video-Pool #18

1.16.2 → 1.16.3 Patch PR
Open 5 months ago 1 comment
aundre1
deps(deps): Bump the production-dependencies group across 1 directory with 162 updates

bcdady/ride-more-org #53

1.16.2 → 1.16.3 Patch PR
Closed 5 months ago 3 comments
bcdady
npm(deps): bump the production-dependencies group across 1 directory with 156 updates

mdbudnick/bb-react-native #45

1.16.2 → 1.16.3 Patch PR
Closed 5 months ago 1 comment
mdbudnick
Bump the production-dependencies group across 1 directory with 12 updates

vishalpatel2890/td-mcp-modified #32

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
vishalpatel2890
chore(deps): Bump the minor-and-patch group across 1 directory with 39 updates

slamb2k/DevFlow #94

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
slamb2k
deps(deps): bump the production-dependencies group across 1 directory with 214 updates

aundre1/Video-Pool #14

1.16.2 → 1.16.3 Patch PR
Open 5 months ago 1 comment
aundre1
deps(deps): Bump the production-dependencies group across 1 directory with 164 updates

bcdady/ride-more-org #51

1.16.2 → 1.16.3 Patch PR
Closed 5 months ago 3 comments
bcdady
npm(deps): bump the production-dependencies group across 1 directory with 153 updates

mdbudnick/bb-react-native #44

1.16.2 → 1.16.3 Patch PR
Closed 5 months ago 1 comment
mdbudnick
chore(deps): Bump the minor-and-patch group across 1 directory with 38 updates

slamb2k/DevFlow #92

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 2 comments
slamb2k
build(deps): bump the regular group across 1 directory with 34 updates

hung-org-117/test-2 #11

2.2.0 → 2.2.1 Patch PR
Closed 5 months ago 3 comments
hung-org-117
chore(deps): bump serve-static from 1.16.2 to 1.16.3

EverydayFireFriday/LiveLink_BE #531

1.16.2 → 1.16.3 Patch PR
Open 5 months ago 2 comments
EverydayFireFriday
Bump the root-minor-and-patch group across 1 directory with 74 updates

aobaharuki2005/Electronics-eCommerce-Shop-With-Admin-Dashboard-NextJS-NodeJS #11

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 2 comments
aobaharuki2005
Bump the root-minor-and-patch group with 80 updates

aobaharuki2005/Electronics-eCommerce-Shop-With-Admin-Dashboard-NextJS-NodeJS #3

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 2 comments
aobaharuki2005
Bump the root-minor-and-patch group across 1 directory with 74 updates

aobaharuki2005/ecommerce-shop-fork #11

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 3 comments
aobaharuki2005
Bump the root-minor-and-patch group with 73 updates

aobaharuki2005/ecommerce-shop-fork #3

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 4 comments
aobaharuki2005
Bump serve-static from 2.2.0 to 2.2.1

aobaharuki2005/ecommerce-shop-OFFICIALv0 #59

2.2.0 → 2.2.1 Patch PR
Closed 5 months ago 3 comments
aobaharuki2005
deps(deps): bump the production-dependencies group across 1 directory with 158 updates

aundre1/Video-Pool #11

1.16.2 → 1.16.3 Patch PR
Open 5 months ago 1 comment
aundre1
root(deps): bump the root-minor-and-patch group with 79 updates

baotg235019-soict/electronic-ecommerce-forkv1 #7

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
baotg235019-soict
root(deps): bump the root-minor-and-patch group with 79 updates

aobaharuki2005/ecommerce-shop-OFFICIALv0 #40

2.2.0 → 2.2.1 Patch PR
Closed 5 months ago 1 comment
aobaharuki2005
deps(deps): bump the minor-and-patch group across 1 directory with 93 updates

GreySole/Spooder #57

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
GreySole
fix(deps): bump the minor-patch-updates group across 1 directory with 56 updates

Cognigy/Cognigy-CLI #398

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
Cognigy
chore(deps): bump the production-dependencies group across 1 directory with 19 updates

BenisSula/saas-school-mgmt-system-new #46

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
BenisSula
build(deps): bump the regular group across 1 directory with 33 updates

hung-org-117/test-2 #10

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 2 comments
hung-org-117
chore(deps): Bump the minor-and-patch group across 1 directory with 34 updates

slamb2k/DevFlow #88

2.2.0 → 2.2.1 Patch PR
Open 5 months ago 1 comment
slamb2k
deps(client)(deps): bump the production-dependencies group across 1 directory with 103 updates

yue4521/digit-recognizer #73

1.16.2 → 1.16.3 Patch PR
Open 5 months ago 2 comments
yue4521
deps(deps): bump the production-dependencies group with 150 updates

aundre1/Video-Pool #5

1.16.2 → 1.16.3 Patch PR
Open 5 months ago 2 comments
aundre1
deps(deps): Bump the production-dependencies group across 1 directory with 119 updates

bcdady/ride-more-org #47

1.16.2 → 1.16.3 Patch PR
Open 6 months ago 2 comments
bcdady
fix(deps): bump the minor-patch-updates group across 1 directory with 51 updates

Cognigy/Cognigy-CLI #389

2.2.0 → 2.2.1 Patch PR
Open 6 months ago 2 comments
Cognigy
deps(deps): bump the minor-and-patch group across 1 directory with 23 updates

skoops/bskyfirehose #14

2.2.0 → 2.2.1 Patch PR
Open 6 months ago 2 comments
skoops
deps(client)(deps): bump the production-dependencies group across 1 directory with 102 updates

yue4521/digit-recognizer #68

1.16.2 → 1.16.3 Patch PR
Open 6 months ago 2 comments
yue4521
chore(deps): bump the npm-minor-patch group across 1 directory with 90 updates

dfh3913/VoiceHub-749b4 #3

2.2.0 → 2.2.1 Patch PR
Open 6 months ago 2 comments
dfh3913
deps(deps): bump the security-updates group across 1 directory with 12 updates

koushik369mondal/WanderLust #424

1.16.2 → 1.16.3 Patch PR
Open 6 months ago 3 comments
koushik369mondal
chore(deps): Bump the production-dependencies group across 1 directory with 4 updates

haggistech/doc-system #30

2.2.0 → 2.2.1 Patch PR
Open 6 months ago 1 comment
haggistech
chore(deps):(deps): bump the production-dependencies group across 1 directory with 4 updates

Lullabot/lullabot-slackbot #211

2.2.0 → 2.2.1 Patch PR
Closed 6 months ago 1 comment
Lullabot
deps(deps): bump the minor-and-patch group across 1 directory with 19 updates

skoops/bskyfirehose #13

2.2.0 → 2.2.1 Patch PR
Closed 6 months ago 2 comments
skoops
chore(deps): Bump the minor-and-patch group across 1 directory with 32 updates

slamb2k/DevFlow #85

2.2.0 → 2.2.1 Patch PR
Open 6 months ago 1 comment
slamb2k
Package Details
Name: serve-static
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/serve-static
JSON API: View JSON
Security Advisories

2

Active advisories
LOW 2
View All npm Advisories
Package Information
Description:

Serve static files

Repository: https://github.com/expressjs/serve-static
Homepage: https://github.com/expressjs/serve-static#readme
Latest Release: 2.2.0
about 1 year ago
Dependent Repos: 4,975,561
Dependent Packages: 5,768
Downloads: 166,108,478
Ranking: Top 0.0003% by dependent repos Top 0.0102% by downloads Top 0.0158% by dependent pkgs
PR Status
Open 1,496 (50.7%)
Merged 304 (10.3%)
Closed 901 (30.5%)
PR Types
Major 67 (2.3%)
Minor 2,509 (85.1%)
Patch 59 (2.0%)
Removal 17 (0.6%)